View Issue Details

IDProjectCategoryView StatusLast Update
0006367OXID eShop (all versions)4.04. Securitypublic2016-04-06 15:41
Status acknowledgedResolutionopen 
Product Version4.9.7 / 5.2.7 
Target VersionFixed in Version 
Summary0006367: Generated Captcha in pricealaram contains bad characters
DescriptionOn a detail page of an article the captcha at pricealarm generates bad characters if "$this->captchaKey = '66303bc779b76899eb7340fdb8252439';" is not set in "".
Steps To ReproduceWell, setup a new OXID eShop CE with version 4.9.7 including sample articles. After that unset "$this->captchaKey = '66303bc779b76899eb7340fdb8252439';" and navigate to any article and check the captcha code. In case you are lucky and the captcha code contains no bad characters reload the page.
Additional InformationIn a CE 4.9.4 it seems to work.
TagsNo tags attached.
BrowserNot defined
PHP Version5.3
Database VersionNot defined



2016-04-06 12:49


bad-characters.png (11,318 bytes)
bad-characters.png (11,318 bytes)


2016-04-06 15:22

reporter   ~0011522

This will not work because this file is included elsewhere. So change include_once into include.

But why are you even creating this funny class oxConfKey? If the value is not set in you can just call oxRegistry::getConfig()->getConfigParam('sConfigKey').